package com.example.auth2.config;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
//@EnableGlobalMethodSecurity(prePostEnabled = false)
public class WebsecuityImp extends WebSecurityConfigurerAdapter {
    Logger logger = LoggerFactory.getLogger(WebsecuityImp.class);
    @Override
    public void configure(WebSecurity web) throws Exception {
        super.configure(web);
    }
    @Autowired
    private LoginSuccessHandler loginSuccessHandler;
    @Autowired
    private LoginFailHandler loginFailHandler;
    @Override
    protected void configure(HttpSecurity http) throws Exception {
//        http.
        http
                // .authorizeRequests().antMatchers permitAll 需要忽略认证 如/login 就不会被拦截 允许直接访问
                .authorizeRequests().antMatchers("/login").permitAll()
                // authorizeRequests().anyRequest().authenticated() 其他的需要校验token
                .anyRequest()
//                .antMatchers("/login","/index")
                .authenticated()//校验token
//                .anyRequest().
//                authenticated()
//                .antMatchers("/*","/**")
//                .permitAll()
//                .and().formLogin()
//                .loginPage("/login")
//                .successHandler(loginSuccessHandler).failureHandler(loginFailHandler)
        ;
    }


}
